⊥ᵒᵚ Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ @falken@qoto.org

There is one week left on the Runaway to the Stars Kickstarter! If you wanted to get in, remember to do it soon!

http://www.kickstarter.com/projects/ironspike/runaway-to-the-stars?ref=bftk76

Dirty Frag: Universal Linux LPE https://www.openwall.com/lists/oss-security/2026/05/07/8

This is a report on "Dirty Frag", a universal LPE that allows obtaining root privileges on all major distributions. This vulnerability has a similar impact to the previous Copy Fail.

#linux #security

🆕 blog! “I've found just the right paper for my Bottom Hole problem”

A few weeks ago, I went on a mad quest to find the newspaper used in 1995's Bottom Hole TV show.

During the episode, Eddie starts reading this newspaper:

Obviously, the "Hammersmith Bugle" is not a real paper and they never ran a headline "No News Shocker". But judging from all…

👀 Read more: https://shkspr.mobi/blog/2026/05/ive-found-just-the-right-paper-for-my-bottom-hole-problem/
⸻
#comedy #newspapers #tv

time to look at BSSG

https://bssg.dragas.net/

@EUCommission Allow me to assist

UK council elections today. Racists and the terminally gullible will doubtless overlook sleaze when it comes to putting their kisses down for the anti-establishment party led by a public school educated ex-stockbroker millionaire, and Dubai Dickie - a tax dodging BizBro who demonstrates his patriotism by living in UAE.

New Single user instance, please re-toot when you see this to help propagate to the 'verse

This is *brutal*...

"There are no more juniors. There was a funeral for their passing in 2024. Nobody came. The machine does what they do now, but cheaper. Of course, juniors weren't valuable for what they produced, they were valuable for who they would become: the senior engineer who knows where the bodies are buried. We optimized for output, and abolished apprenticeship. A few years from now, we'll wonder where all the seniors are. We shot them. Nobody will remember."

https://www.stvn.sh/writing/programming-still-sucks-fqffhyp

ETA:
This is by @stevendotjs, who absolutely nails a bunch of things I've been feeling for a while now, but had no idea how to articulate...

“All those moments will be lost in time, like cum in rain…”

Not all open source contributions involve code.

Rocky Linux is looking for a volunteer graphic designer to help create social media graphics. If you want to support a community-driven Linux project and design is your thing, we'd love to connect.

Reply here or reach out through our community channels to learn more.

#RockyLinux #OpenSource #GraphicDesign #GetInvolved

The reason I was installing.. normally when you're on a command line, typing something like 'dotnet --list-sdks' or 'cmd.exe /c ver' will simply produce its output on the command line.

Except on one machine. Where either of those commands opens a new window that instantly disappears, so you can never see the output (this is not just annoying - it breaks unity for example).

Figured it was a busted windows update, flattened and rebuilt the machine.. same behaviour.. so completely stuffed.

They'd have got away with it, if it wasn't for those meddling kids.

RT: @theleftbible Deafening applause as Zack Polanski tells Zia Yusuf that people's concern over immigration is because he spends all his time spreading misinformation and fear.

Let’s make this go viral 👇

My home-hosted mastodon server has been quite busy. Now admittedly this is a text only toot; no media. But it has coped fine with this that went a bit viral. Almost 2000 boosts, over 2000 faves, 1300 quotes. And the traffic graph on my line for this specific traffic has seldom gone above ten meg. Mostly below five. So home hosting (on this narrow basis alone) for the win?

Cloudflare continues to push the worst shit combination of centralization of the internet and genAI bullshit but congratulations, they've hit a new combo so bad I didn't even consider it possible https://blog.cloudflare.com/agents-stripe-projects/

That's right! Your agents can now provision servers, spend money, and do everything for you!

You don't even need to hand them a credit card!

What's that? Why's that?

Because they've teamed up with Stripe! Why yes, if you've signed up with Stripe Atlas (don't "shrug" this Atlas off, friends!), which is Stripe's "launch a startup for you" company-to-make-companies, they'll give you $100k of FREE credits!!!

That first hit! It's free! Hey!

I bet all the future hits will be too, right? And uh, who will be left holding that bill after you've established this nice dependency?

Vibe coding? That's nothing! Time to go all in on Vibe Founding!

I've got folks in my comments speculating about what specifically is happening with Canonical/Ubuntu right now.

This speculation illustrates my point: they should be transparent about what's happening. We shouldn't have to speculate.

I can appreciate that uptime is hard and a DDoS is also hard, but they've been blogging about other topics. That feels like misplaced priorities if you ask me.

i have a phd in ~language models~ and with the full gravitas of my expertise, ppl need to stop talking to chatbots

The coreutils Rust rewrite story is pretty funny.

Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.

But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:

https://seclists.org/oss-sec/2026/q2/332

PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.